this post was submitted on 02 Aug 2024
267 points (98.9% liked)

Technology

59086 readers
3690 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] Boozilla@lemmy.world 21 points 3 months ago (10 children)

What are some good multi-platform alternatives/ replacements?

[–] PatrickYaa@lemmy.one 65 points 3 months ago (1 children)
[–] beejjorgensen@lemmy.sdf.org 17 points 3 months ago (1 children)

I switched to Aegis when google authenticator didn't allow exports. It's simple and it works.

[–] Estebiu@lemmy.dbzer0.com 0 points 3 months ago (2 children)

Wait, google auth doesnt allow exports? For me it dies..? Am I missing something..?

[–] Scrollone@feddit.it 3 points 3 months ago (1 children)

It allows exports but only is a stupid QR-code based format.

[–] Estebiu@lemmy.dbzer0.com 1 points 3 months ago

Aaahh, you mean that. Yeah, it's annoying.

[–] beejjorgensen@lemmy.sdf.org 1 points 3 months ago (1 children)

It does now--it didn't in the past.

[–] desktop_user@lemmy.blahaj.zone 1 points 3 months ago

It still does (last time I checked less than two weeks ago) it is just annoying and involves qr codes

[–] fart_pickle@lemmy.world 30 points 3 months ago

Bitwarden or Proton Pass.

[–] mosiacmango@lemm.ee 16 points 3 months ago* (last edited 3 months ago)

Keepass. Standalone FOSS apps for desktop/phone. Has OTP support.

Password/tokens are stored in a small encrypted db file you can copy/paste anywhere you need it. Has hundreds of plugins to do various things.

Use something like syncthing/nextcloud/onedrive to keep the file in sync across devices.

[–] freecloudgal@discuss.tchncs.de 12 points 3 months ago

Duo, Aegis, Bitwarden, Proton.

[–] Eezyville@sh.itjust.works 9 points 3 months ago

I use KeePassXC and a Yubikey 5. You can store a certain number of 2fa on the key but i also back up the secret key and recovery codes on KeePassXC which is backed up on my Nextcloud. When using the Yubikey there is an app on desktop and mobile that reads they key but doesn't store the codes. Open the app, plug in the key, the TOTP appears, take the key out and the TOTP is gone.

[–] BakedCatboy@lemmy.ml 8 points 3 months ago* (last edited 3 months ago)

I like using bitwarden, the selfhosted vaultwarden server stores it with passwords and makes codes available in the app / browser extension. I also keep them backed up on a nas and synced off-site just in case.

[–] haulyard@lemmy.world 7 points 3 months ago (1 children)

Along with others already mentioned, 1Password can support 2fa.

[–] batcheck@lemmy.world 2 points 3 months ago

1Password has impressed me. I’ve used KeePassXC, LastPass, Bitwarden (but not extensively and one of the early versions), and even CyberArk (🤮).

1Password is closed source but it’s one of those pieces of software that just works the way you expect it to. Hard to confirm a lot of their security claims. Just rolling with “Have not heard a lot about 1Password breaches” mentality.

We got lucky at work and used it to replace an unmanageable long list of KeePass database files that were sprawling everywhere. With that everyone who uses 1Password at work gets an associate private family account. Made managing my kids passwords and share some of our common family passwords way easier and I still get to lock them out of my passwords I don’t want them using.

I believe modern Bitwarden for enterprise has a similar licensing sweetener with a private family account for each corporate account.

[–] kolorafa@lemmy.world 5 points 3 months ago (1 children)
[–] mosiacmango@lemm.ee 2 points 3 months ago* (last edited 3 months ago) (1 children)

AndOTP is great. Its free and had simple and easy encrypted backups. I love how its timer counts down, not up like some others and highlights the token in red so you know you need to hustle or wait.

[–] tja@sh.itjust.works 1 points 3 months ago (1 children)

It seems I cannot install it because the app is too old for Android 14..

[–] saiarcot895@programming.dev 1 points 3 months ago

That's odd, I'm on Android 14 and have andOTP installed.

[–] Damage@feddit.it 4 points 3 months ago (1 children)

I switched to Ente Auth some time ago when bad news about authy started getting out

[–] anas@lemmy.world 1 points 3 months ago

Same here, have no problems so far.

[–] Fubarberry@sopuli.xyz 3 points 3 months ago (1 children)

A lot of password managers support 2fa now. I use Enpass because I got a lifetime license a long time ago (it's also available to people with Google Play pass), but I know some other popular options have it too.

[–] BorgDrone@lemmy.one 13 points 3 months ago (3 children)

The whole point of 2FA is to keep the second factor separate from the first. If you store both in the same password manager app that defeats the entire point of 2FA.

[–] hikaru755@lemmy.world 20 points 3 months ago

It still protects you from your passwords being compromised in any way except through a compromise of the password manager itself. Yes, it's worse than keeping them separate, but it's also still much better than not having 2fa at all.

[–] Pika@sh.itjust.works 1 points 3 months ago

I only switched to keepass due to the fact that nothing seems to support a desktop application like authy did. Not everyone keeps a phone on them 24/7. If they don't want that risk they would allow desktop apps. least in my opinion

[–] EngineerGaming@feddit.nl 1 points 3 months ago

You can have a separate database for the TOTP.